
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <title><?php echo htmlspecialchars($system); ?></title>
    </head>
    
    <body>
    <?php
        include('sql.php');
        session_start();
        session_regenerate_id(true);
        
        $name = $_POST['name'];
        $password = md5($_POST['password']);

        $query = "SELECT id FROM admin_user WHERE username=? AND password=?";
        $stmt = $link->prepare($query);
        $stmt->bind_param("ss", $name, $password);
        $stmt->execute();
        $result = $stmt->get_result();
        
        if ($result->num_rows > 0) {
            $row = $result->fetch_assoc();
            $_SESSION['id'] = $row['id'];
            header("Location: home.php");
            exit();
        } else { ?>
        <script type="text/javascript">window.alert("系统系统：账户或密码错误！");window.history.back();</script>
    <?php } ?>
    </body>
</html>
